If you click on the link you are taken to a rogue Facebook application, which asks you to give it permission to access your profile, which includes giving it the ability to post from your account in your name.

Sadly, many people are all too quick to give rogue applications like this free rein over their Facebook account – allowing scams like this to spread rapidly and virally between Facebook friends.

If you are foolhardy enough to continue, you are taken to a webpage which contains a survey. This is where the scammers behind the scheme make their money.

Every survey which is completed earns them some commission. In some cases they might also ask for your mobile phone number in order to sign you up for an expensive premium-rate service.

And you? Well, you’ll find that the rogue application has meanwhile taken the opportunity to post a message on your Facebook page, which is now being seen by all of your online friends. When I deliberately infected a test account with the rogue application it got my first status message incorrect, as well as the date that I first posted to the Facebook account.

So, in other words, it’s a complete confidence trick. It doesn’t tell you your first status message on Facebook – and its only intention is to drive as many people as possible into sharing the link (which can vary – we have seen several examples) further and further across Facebook, earning the scammers money.

Regular readers of the Naked Security site will be all too familiar with survey scams and rogue applications, and realise the dangers in allowing an app written by unknown third parties to access their Facebook profile. But there are plenty of others out there on Facebook who are still oblivious to scams like this.

Here’s a YouTube video where I show you how to clean up your Facebook account if you were hit by this, or similar scams:

Keep your wits about you and stay informed about the latest scams spreading fast across Facebook. One of the best ways to do that is to join the Sophos Facebook page, where a 100,000-strong community is regularly sharing information on threats and discussing the latest security news.

I've just been pinged by a very similar looking scam application that claimed to be from Facebook and was a link to set up the new @facebook.com email address! Exactly the same MO…to prove I was human I had to complete a survey! I deleted it immediately but not before it bombarded my whole friends list with a very tempting link to dupe them as well! GGrrr!!!!

I – uncharacteristically – clicked on the link, but saw a different Request for Permission page. It was suspicious so I didn't click further, but closed ALL open windows via ALT-CTRL-DEL. Nevertheless, a survey window popped up – closed *that* the same way, but the next time I logged onto FB, my status had been changed. (I notified the friend whose link originally led me there, and he says that he didn't give permission for the app at all either). Posted a warning message on my status myself, and then deleted the app within my account settings. Lesson well and truly learned!

I clicked. It looked like some of the harmless apps that went around last year at this time and I thought I could trust it. And the window that pops up to give the app permissions is exactly the same as every other legit app, isn't it? It's a Facebook policy to have apps ask permission to dig into your personal information … how else is it going to read your statuses and post on your wall?

So are you saying we should *never* trust a third party app?

Anyway, I know enough about what to do after that to back right out of this one. A survey came up, cluing me into the rogue app, so I backed out of the page and went straight for my profile to take care of the message that I was sure was there. And no, it wasn't my "first status", it was the same one as the girl whose link I clicked on in the first place.

So I posted a comment to the status "DON'T CLICK ON THIS, IT'S A SCAM!" (in case it posted to the news feed of my friends) and then deleted it off my page, then went to the apps page and deleted the app.

Erm.. I don't know what account you used but first you broke the Facebook terms by creating a 'testing' account. I used this app and I've only recently joined Facebook and this worked like a charm and posted my first status (I was able to scroll down because I haven't been on that long).

I think you may need to adjust this a bit… if you read the small text it also says it only works on some accounts (I assume new accounts?).